Ruby on Rails Rails 7.2.0 Beta 1
Approved changes feed: RSS · Atom
cpe:2.3:a:rubyonrails:rails:7.2.0:beta1:*:*:*:*:*:*
part: a version: 7.2.0 update: beta1
| Vendor | Rubyonrails (a0962337-0e2d-518c-b84b-f2864721d062) |
|---|---|
| Product | Rails (4bc463b7-a5fc-5e2f-aea1-023dcfc59b73) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from NVD CPE 2.0 feed |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
pkg:gem/rails |
purl2cpe | 2026-06-01 10:11:28.275204 |
pkg:github/rails/rails |
purl2cpe | 2026-06-01 10:11:28.275205 |
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2024-32464 |
vulnerable | 2026-06-03 14:55:41.089191 |
ActionText ContentAttachment can Contain Unsanitized HTML
MEDIUM (6.1)
Action Text brings rich text content and editing to Rails. Instances of ActionText::Attachable::ContentAttachment included within a rich_text_area tag could potentially contain unsanitized HTML. This vulnerability is fixed in 7.1.3.4 and 7.2.0.beta2.
Published: 2024-06-04T19:53:59.774Z
Updated: 2024-08-02T02:13:39.964Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-28103 |
vulnerable | 2026-06-03 14:55:25.107875 |
Action Pack is missing security headers on non-HTML responses
MEDIUM (5.4)
Action Pack is a framework for handling and responding to web requests. Since 6.1.0, the application configurable Permissions-Policy is only served on responses with an HTML related Content-Type. This vulnerability is fixed in 6.1.7.8, 7.0.8.2, and 7.1.3.3.
Published: 2024-06-04T19:47:44.199Z
Updated: 2024-12-06T13:09:28.269Z |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.